SACM - Australia

Permanent URI for this collectionhttps://drepo.sdl.edu.sa/handle/20.500.14154/9648

Browse

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    ItemRestricted
    Intelligent Approaches for Robust Blockchain-based Identity Management
    (Saudi Digital Library, 2023-02-01) Alharbi, Mekhled; Hussain, Farookh
    Smart contracts, which are maintained on blockchain, are self-executing protocols designed to monitor and confirm the fulfilment of a contract’s terms. The trustworthiness of these contracts is guaranteed by these protocols, which also excludes any intermediaries from the transactions. Blockchain is a modern technology with rapidly expanding significance that is used in many applications, such as financial transactions, smart cities, and share trading. Currently, users’ identities are stored and managed by service providers using their centralized system. Identity information management is usually undertaken by the providers which raises concerns about user privacy and trustworthiness. Blockchain technology has the potential to enhance the identity management domain by eliminating the need for a trusted intermediary. However, the advent of blockchain technology has led to new identity management concepts to tackle trustworthiness and privacy challenges, granting users control over their information. Blockchain is suitable for situations requiring both trust and transparency due to its inherent characteristics. Therefore, there is a critical need to develop intelligent approaches to manage user identity information in a reliable manner. Thus, we tackle this issue by providing a solution that combines the mechanism of identity management with smart contracts based on blockchain and the use of artificial intelligence. We performed a systematic literature review to deepen our understanding of the issues and solutions employed in addressing these challenges to identify the drawbacks of the existing methods in the field of identity management. In the existing literature, no solution has been proposed to manage user identities in a way that guarantees data privacy and trustworthiness through the use of blockchain-based smart contracts and artificial intelligence techniques. The use of blockchain based on smart contracts has the potential to play a significant part in identity management by improving transparency and privacy. In this thesis, we develop intelligent approaches to solve the aforementioned research issue. We integrate blockchain-based smart contracts with identity management to detect duplicate user identities while maintaining the privacy of the data of these identities, thus multiple machine learning approaches are proposed to detect duplicate users’ identities on top of blockchain. We also develop an early warning system to generate alerts for users whose identities are nearing expiration. Furthermore, we propose an algorithm to intelligently compute the trustworthiness score of a user’s identity based on the identity documents provided by the user, which are stored safely, hence boosting confidence in the users’ trustworthiness score. Finally, a software prototype is selected to validate the performance of the methods proposed in this thesis.
    36 0
  • Thumbnail Image
    ItemRestricted
    Developing an Awareness Framework for Software Developers to Implement Privacy into Software Systems
    (Saudi Digital Library, 2023-06-14) Alhazmi, Abdulrahman; Arachchilage‬, Nalin
    The use of software applications is inevitable as they provide different services to users. The software applications collect, store user data, and sometimes share it with a third party, even without the user’s consent. The Internet has also grown, significantly increasing data breaches in software systems. One of the reasons for this might be that the software developers responsible for ensuring that software systems are embedded with the appropriate privacy guided by laws such as GDPR, fail to implement the laws. GDPR law has guidelines that software developers can follow to implement privacy into software systems. Nevertheless, many data breaches might be due to the failure to implement guidelines. Developers might be lacking enough motivation to implement the GDPR law. Therefore, to equip developers with the motivation to implement their skills to mitigate such breaches, this thesis proposes a GDPR game-based teaching framework. Gamification, widely described as "the use of game design elements in non-game contexts", has previously shown potential in the development of exciting and efficient learning experiences, both in the sense of education and business. Some researchers have concentrated on the connection between software privacy and gamification, but they only focus on a few data privacy elements. The proposed framework will focus on improving developers' secure coding behaviour by way of their motivation. The novelty of this framework is that it will incorporate all GDPR principles together, making sure that software developers put GDPR into practice, resulting in software systems embedded with privacy. This study aimed to assess the effectiveness of a gamified application in educating developers on incorporating privacy-preserving techniques into software code. The impact of developers on application design was examined, and subjective satisfaction was assessed using the System Usability Scale (SUS). A think-aloud study experiment with pre-test and post-test evaluations was conducted, revealing encouraging results. Participants demonstrated a significant improvement in their understanding of the General Data Protection Regulation (GDPR) and their ability to incorporate privacy into their code. The gamified application successfully taught participants how to use privacy-preserving techniques in software design. This study investigates the motivating factors that influence developers' adoption of privacy-preserving techniques in software code. Key factors identified include perceived threat, susceptibility, severity, self-efficacy, lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality. These findings highlight the effectiveness of gamification in promoting secure coding behaviour and inform the game design framework for privacy incorporation.
    68 0

Copyright owned by the Saudi Digital Library (SDL) © 2024